Each month, RCM&D’s Cyber Practice highlights key issues in the world of cybersecurity. In this month’s edition of Cyber News Bytes, we discuss a checklist for businesses looking to be more cyber secure, cybersecurity steps to take before a merger/acquisition, a task force convened by the Justice Department to tackle ransomware attacks, and more.
Do you Check the Cybersecurity Boxes?
A recent write-up from PLUS provides a useful checklist for organizations striving to become more cyber secure. While cybersecurity is an ongoing process that requires adapting to new methods and types of attacks, this checklist includes basic security protocols critical for any business to implement.
Cybersecurity Steps to Take Before a Merger or Acquisition
An article from CISO Mag underscores the importance of preparation before Merger & Acquisition (M&A) deals, especially when it comes to cybersecurity. The article references several M&A deals over the past five years in which the acquiring company did not do its due diligence in this area, resulting in liability for inadequate security measures and previously undetected data breaches. Several important steps are outlined as part of the M&A process, which include the following:
- Understand security policies and processes for purchasing any company.
- Assess the security at the source code level if purchasing a software company or product.
- Assess the network security if purchasing a company that comes with IT Infrastructure.
It also suggests that the acquiring company include cybersecurity professionals as part of the due diligence team to help further protect the firm and identify risks.
Justice Department Convenes Task Force to Tackle Wave of Ransomware Attacks
As discussed in previous Cyber News Bytes newsletters, all parties continue to grapple with the complexities and challenges associated with the rising number of cyber events, particularly those stemming from Ransomware attacks. To move towards a solution, the public and private sectors have created and provided support for a new task force to address Ransomware-related issues, as discussed by The Hill and Krebs on Security, respectively. The group was formed to support proactive risk management improvement and response coordination initiatives, including awareness, training, intelligence, investigations, and more. The status of this new task force and its impact on containing the growing issue of Ransomware will be important to monitor in the months ahead.
Ransomware in 2021: 3 Trends Cyber Insurers are Seeing
This newsletter has thoroughly covered Ransomware activity and its impacts on the cyber insurance market in recent months. However, as noted above, this continues to be a significant issue garnering the attention of both public and private leadership. Lauren Winchester’s recent blog via PLUS outlines three key Ransomware trends that help provide an understanding of why this has become such an issue. A piece from Insurance Business goes on to outline one example of a particular insurance company’s response to these trends, reviewing the adjustments Tokio Marine is looking to make across their cyber book. While all markets are handling these challenges differently, and working with a specialized cyber brokerage partner can help to mitigate these challenges, the article provides a real example of the obstacles insured organizations are facing at renewal.
Questions?
RCM&D is here for you to help protect your cybersecurity. Talk to a trusted advisor today with any questions on these highlighted issues and beyond.